Malicious PDF — malware analysis report

Static analysis result for SHA-256 61a8c7dbeba6c24e…

MALICIOUS

PDF

Size: 42.9 KB
Created: 2018-11-23 08:08:43 +03:00
Authoring application: LaTeX with hyperref package (via pdfeTeX-1.10b)
MD5: de64072031862b236e66cd9d67ac30a4
SHA-1: 733c1e8365174165ad341223dd968bd38934f075
SHA-256: 61a8c7dbeba6c24efb9c49dbfd5c3a22e499642e13afa7c80c8d1c35d7fe1473
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded links pointing to external PDF files on the domain 'gorillawalker.com'. This behavior is indicative of a link farm, often used for SEO manipulation or to distribute potentially malicious content. The ML classifier also flagged this PDF as malicious with high confidence.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9027

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.